This plugin searches the files and database of your website for signs of suspicious activity. It will not stop someone hacking into your site, but it may help you find any uploaded or compromised files left by the hacker. When a website is compromised, hackers leave behind scripts and modified content that can be found by manually searching through all the files on a site.
Some of the methods used to hide their code or spam links are obvious, like using CSS to hide text, and we can search for those strings. The database can also be used to hide content or be used to run code. Spam links are sometimes added to blog posts and comments. Recently, hackers took advantage of the WP plugin system to run their own malicious code. They uploaded files with the extensions of image files and added them to the list of active plugins. This plugin searches through your site and attempts to find those changed files and db records.
You can find the Scanner admin page linked off the Dashboard. You can search in numerous ways:. All fairly self explanatory I think. The custom keyword form allows you to search your files for whatever you like.
Searching through the files on your site will take some time. Slug: exploit-scanner. Author: Automattic. In addition, it examines your set of active plugins for uncommon filenames. See the Exploit Scanner homepage for more info. It is likely that scanner will see false positives i. On the other hand, it is advisable to err one the side of caution; should you be unsure then request in the Support Forums, download a brand new copy of the plugin, search the web for similar situations, etc.
You should be nearly all involved if the scanner will be: making complements around unknown external back links; finding base64 encoded text content in modified core data files or the wp-config. A normal backup routine either handbook or plugin powered is incredibly useful; should anyone ever find that your website has been hacked it is simple to restore your website from a clean back up and fresh group of files and, needless to say, use a new group of passwords.
Improvements to the plugin will undoubtedly be posted here, to Holy Shmoly!
0コメント